work in progress -- finally committing more primitives needed for uni scheme
This commit is contained in:
parent
b611b78d6e
commit
ea8042373f
|
@ -1,34 +1,34 @@
|
||||||
<component name="libraryTable">
|
<component name="libraryTable">
|
||||||
<library name="Cargo <libbolt>">
|
<library name="Cargo <libbolt>">
|
||||||
<CLASSES>
|
<CLASSES>
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/libc-0.2.36" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bitflags-1.0.1" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde-0.7.15" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde_derive-1.0.35" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bincode-0.5.9" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.4.2" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/syn-0.12.14" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/num-traits-0.1.43" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/num-traits-0.1.43" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-x86_64-pc-windows-gnu-0.4.0" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bincode-0.6.1" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/unicode-xid-0.1.0" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/libsodium-sys-0.0.16" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/libsodium-sys-0.0.16" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/byteorder-0.5.3" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/byteorder-1.2.1" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rustc-serialize-0.3.24" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rustc-serialize-0.3.24" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde_derive_internals-0.22.1" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-x86_64-pc-windows-gnu-0.4.0" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.4.2" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde-0.7.15" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/unicode-xid-0.1.0" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/proc-macro2-0.2.3" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-0.3.4" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bitflags-1.0.1" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/fuchsia-zircon-sys-0.3.3" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-i686-pc-windows-gnu-0.4.0" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde_derive-1.0.35" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/quote-0.4.2" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.3.22" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bn-0.4.3" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bn-0.4.3" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/num-traits-0.2.0" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/pkg-config-0.3.9" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/pkg-config-0.3.9" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde-1.0.27" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde-1.0.27" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/rand-0.3.22" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/libc-0.2.36" />
|
||||||
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bincode-0.5.9" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/fuchsia-zircon-0.3.3" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/fuchsia-zircon-0.3.3" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/serde_derive_internals-0.22.1" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/syn-0.12.14" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/quote-0.4.2" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/byteorder-0.5.3" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/proc-macro2-0.2.3" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/bincode-0.6.1" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/sodiumoxide-0.0.16" />
|
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/sodiumoxide-0.0.16" />
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/byteorder-1.2.1" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-i686-pc-windows-gnu-0.4.0" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/winapi-0.3.4" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/num-traits-0.2.0" />
|
|
||||||
<root url="file://$USER_HOME$/.cargo/registry/src/github.com-1ecc6299db9ec823/fuchsia-zircon-sys-0.3.3" />
|
|
||||||
</CLASSES>
|
</CLASSES>
|
||||||
<SOURCES />
|
<SOURCES />
|
||||||
</library>
|
</library>
|
||||||
|
|
11
bin/bolt.rs
11
bin/bolt.rs
|
@ -6,11 +6,14 @@ extern crate bincode;
|
||||||
extern crate serde_derive;
|
extern crate serde_derive;
|
||||||
extern crate serde;
|
extern crate serde;
|
||||||
|
|
||||||
|
use std::fmt;
|
||||||
use bn::{Group, Fr, G1, G2, pairing};
|
use bn::{Group, Fr, G1, G2, pairing};
|
||||||
use bincode::SizeLimit::Infinite;
|
use bincode::SizeLimit::Infinite;
|
||||||
use bincode::rustc_serialize::{encode, decode};
|
use bincode::rustc_serialize::{encode, decode};
|
||||||
|
|
||||||
|
use libbolt::prf;
|
||||||
use libbolt::sym;
|
use libbolt::sym;
|
||||||
|
use libbolt::ote;
|
||||||
use libbolt::clsigs;
|
use libbolt::clsigs;
|
||||||
use libbolt::commit_scheme;
|
use libbolt::commit_scheme;
|
||||||
|
|
||||||
|
@ -315,6 +318,14 @@ fn main() {
|
||||||
|
|
||||||
println!("******************************************");
|
println!("******************************************");
|
||||||
|
|
||||||
|
let s = Fr::random(rng);
|
||||||
|
let key = prf::initPRF(s, None);
|
||||||
|
|
||||||
|
let x = Fr::random(rng);
|
||||||
|
let y = prf::compute(&key, x);
|
||||||
|
|
||||||
|
println!("Compute y = 0x{}", libbolt::print(&y));
|
||||||
|
|
||||||
// let rng = &mut rand::thread_rng();
|
// let rng = &mut rand::thread_rng();
|
||||||
// let G = G1::random(rng); // &dalek_constants::RISTRETTO_BASEPOINT_POINT;
|
// let G = G1::random(rng); // &dalek_constants::RISTRETTO_BASEPOINT_POINT;
|
||||||
// let H = G1::random(rng); // RistrettoPoint::hash_from_bytes::<Sha256>(G.compress().as_bytes());
|
// let H = G1::random(rng); // RistrettoPoint::hash_from_bytes::<Sha256>(G.compress().as_bytes());
|
||||||
|
|
|
@ -243,20 +243,20 @@ ${\sf KeyGen}(PP) \rightarrow (pk, sk)$.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\medskip \noindent
|
\medskip \noindent
|
||||||
${\sf Init_{C}}(PP, BC_{0}, BM_{0}, pk_c, sk_c) \rightarrow (T_c, csk_c)$. On input a keypair $(pk_c, sk_c)$, perform the following:
|
${\sf Init_{C}}(PP, BC_{0}, BM_{0}, pk_c, sk_c) \rightarrow ({\sf T}_c, csk_c)$. On input a keypair $(pk_c, sk_c)$, perform the following:
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Uniformly sample two distinct PRF seeds $k_1, k_2$ and random coins $r$ for the commitment scheme.
|
\item Uniformly sample two distinct PRF seeds $k_1, k_2$ and random coins $r$ for the commitment scheme.
|
||||||
\item Compute ${\sf wCom} = {\sf Commit}(sk_c, k_1, k_2, BC_{0}; r)$
|
\item Compute ${\sf wCom} = {\sf Commit}(sk_c, k_1, k_2, BC_{0}; r)$
|
||||||
\item For $i = 1$ to $BC_0$, sample $ck_i \rightarrow {\sf SymKeyGen}(1^\lambda)$ to form the vector $ck$.
|
\item For $i = 1$ to $BC_0$, sample $ck_i \rightarrow {\sf SymKeyGen}(1^\lambda)$ to form the vector $\vec{ck}$.
|
||||||
\item Output $T_c = ({\sf wCom}, pk_c)$ and $csk_c = (sk_c, k_1, k_2, r, BC_{0}, ck)$.
|
\item Output ${\sf T}_c = ({\sf wCom}, pk_c)$ and $csk_c = (sk_c, k_1, k_2, r, BC_{0}, \vec{ck})$.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\medskip \noindent
|
\medskip \noindent
|
||||||
${\sf Init_{M}}(PP, BC_{0}, BM_{0}, pk_m, sk_m) \rightarrow T_m, csk_m$. On input a keypair $(pk_m, sk_m)$, perform the following:
|
${\sf Init_{M}}(PP, BC_{0}, BM_{0}, pk_m, sk_m) \rightarrow {\sf T}_m, csk_m$. On input a keypair $(pk_m, sk_m)$, perform the following:
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Output $T_m = pk_m$ and $csk_m = (sk_m, BC_{0})$.
|
\item Output ${\sf T}_m = pk_m$ and $csk_m = (sk_m, BC_{0})$.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -111,7 +111,7 @@ pub fn keygen(mpk : &PublicParams) -> KeyPair {
|
||||||
pub fn sign(sk: &SecretKey, m: Fr) -> Signature {
|
pub fn sign(sk: &SecretKey, m: Fr) -> Signature {
|
||||||
let rng = &mut rand::thread_rng();
|
let rng = &mut rand::thread_rng();
|
||||||
let a = G2::random(rng);
|
let a = G2::random(rng);
|
||||||
//let m = msg.hash();
|
|
||||||
let b = a * sk.y;
|
let b = a * sk.y;
|
||||||
let c = a * (sk.x + (m * sk.x * sk.y));
|
let c = a * (sk.x + (m * sk.x * sk.y));
|
||||||
let sig = Signature { a: a, b: b, c: c };
|
let sig = Signature { a: a, b: b, c: c };
|
||||||
|
@ -119,7 +119,6 @@ pub fn sign(sk: &SecretKey, m: Fr) -> Signature {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn verify(mpk: &PublicParams, pk: &PublicKey, m: Fr, sig: &Signature) -> bool {
|
pub fn verify(mpk: &PublicParams, pk: &PublicKey, m: Fr, sig: &Signature) -> bool {
|
||||||
//let m = msg.hash();
|
|
||||||
let lhs1 = pairing(pk.Y, sig.a);
|
let lhs1 = pairing(pk.Y, sig.a);
|
||||||
let rhs1 = pairing(mpk.g, sig.b);
|
let rhs1 = pairing(mpk.g, sig.b);
|
||||||
let lhs2 = pairing(pk.X, sig.a) * (pairing(pk.X, sig.b).pow(m));
|
let lhs2 = pairing(pk.X, sig.a) * (pairing(pk.X, sig.b).pow(m));
|
||||||
|
|
|
@ -85,7 +85,7 @@ pub fn commit(pk: &PublicKey, m: Fr, R: Option<Fr>) -> Commitment {
|
||||||
//let m = msg.hash();
|
//let m = msg.hash();
|
||||||
let p = "commit -> m";
|
let p = "commit -> m";
|
||||||
debug_elem_in_hex(p, &m);
|
debug_elem_in_hex(p, &m);
|
||||||
|
// c = g^m * h^r
|
||||||
let c = (pk.g * m) + (pk.h * r);
|
let c = (pk.g * m) + (pk.h * r);
|
||||||
// return (c, r) <- d=r
|
// return (c, r) <- d=r
|
||||||
let commitment = Commitment { c: c, d: r };
|
let commitment = Commitment { c: c, d: r };
|
||||||
|
|
50
src/lib.rs
50
src/lib.rs
|
@ -11,7 +11,9 @@ use bincode::SizeLimit::Infinite;
|
||||||
use bincode::rustc_serialize::{encode, decode};
|
use bincode::rustc_serialize::{encode, decode};
|
||||||
use sodiumoxide::crypto::hash::sha512;
|
use sodiumoxide::crypto::hash::sha512;
|
||||||
|
|
||||||
|
pub mod prf;
|
||||||
pub mod sym;
|
pub mod sym;
|
||||||
|
pub mod ote;
|
||||||
pub mod clsigs;
|
pub mod clsigs;
|
||||||
pub mod commit_scheme;
|
pub mod commit_scheme;
|
||||||
|
|
||||||
|
@ -86,6 +88,16 @@ pub fn misc_tests() {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn print(g: &G1) -> String {
|
||||||
|
let c_vec: Vec<u8> = encode(g, Infinite).unwrap();
|
||||||
|
let mut c_s = String::new();
|
||||||
|
for x in c_vec.iter() {
|
||||||
|
c_s = format!("{}{:x}", c_s, x);
|
||||||
|
}
|
||||||
|
|
||||||
|
return c_s;
|
||||||
|
}
|
||||||
|
|
||||||
////////////////////////////////// ZK proof compiler ///////////////////////////////////
|
////////////////////////////////// ZK proof compiler ///////////////////////////////////
|
||||||
|
|
||||||
//pub mod zkp {
|
//pub mod zkp {
|
||||||
|
@ -429,44 +441,6 @@ pub fn misc_tests() {
|
||||||
|
|
||||||
////////////////////////////////// SymKeyEnc ///////////////////////////////////
|
////////////////////////////////// SymKeyEnc ///////////////////////////////////
|
||||||
|
|
||||||
////////////////////////////////// OTEnc ///////////////////////////////////////
|
|
||||||
|
|
||||||
// TODO: implement this next
|
|
||||||
pub mod ot {
|
|
||||||
use std::fmt;
|
|
||||||
use rand;
|
|
||||||
use bn::{Group, Fr, G1, G2};
|
|
||||||
|
|
||||||
pub fn keygen() {
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
// encryption scheme can be implemented by encoding the plaintext as an element in a cyclic group G
|
|
||||||
// and multiplying by a random group element.
|
|
||||||
|
|
||||||
// Our schemes additionally require a one-time encryption algorithm OTEnc where the keyspace
|
|
||||||
// of the algorithm is also the range of the pseudorandom function F.
|
|
||||||
// pub fn encrypt(pk: G1, plaintext: String) {
|
|
||||||
// let rng = &mut rand::thread_rng();
|
|
||||||
// r = G1::random(rng);
|
|
||||||
// // TODO: encode plaintext as a group element
|
|
||||||
//
|
|
||||||
// }
|
|
||||||
|
|
||||||
pub fn decrypt() {
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////// OTEnc ///////////////////////////////////////
|
|
||||||
|
|
||||||
pub mod prf {
|
|
||||||
use std::fmt;
|
|
||||||
use bn::{Group, Fr, G1, G2};
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
////////////////////////////////// CL Sigs /////////////////////////////////////
|
////////////////////////////////// CL Sigs /////////////////////////////////////
|
||||||
|
|
||||||
#[derive(Clone)]
|
#[derive(Clone)]
|
||||||
|
|
|
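Review bot: In the new `print` helper (hunk `@ -86,6 +88,16`), `format!("{}{:x}", c_s, x)` drops the leading nibble of every byte below 0x10, so the output is not a fixed-width hex encoding and two different byte strings can print identically; it also rebuilds the whole string on every iteration. Replacing the loop body with `c_s.push_str(&format!("{:02x}", x));` gives a canonical two-characters-per-byte encoding and appends in place. The `encode(g, Infinite).unwrap()` on the first line panics if serialization fails, which is probably acceptable for a debug-print helper but deserves a one-line comment saying so. The removal of the `ot` and `prf` stub modules in the last hunk is a pure deletion and needs no change.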
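--- /dev/null
+++ b/<path not shown: ote module>
@@ -0,0 +1,38 @@
+/*
+One-time encryption - keyspace of the OTE is also the range of the pseudo-random function
+*/
+
+use std::fmt;
+use bn::{Group, Fr, G1};
+use rand;
+
+pub struct OTMessage {
+m1: G1,
+m2: G1
+}
+
+pub struct OTCiphertext {
+c1: G1,
+c2: G1
+}
+
+pub fn keygen() -> G1 {
+let rng = &mut rand::thread_rng();
+let k = G1::random(rng);
+return k;
+}
+
+// encryption scheme can be implemented by encoding the plaintext as an element in a cyclic group G
+// and multiplying by a random group element.
+pub fn otenc(k: G1, m: &OTMessage) -> OTCiphertext {
+let c1 = k + m.m1;
+let c2 = k + m.m2;
+assert!(c1 != c2);
+return OTCiphertext { c1: c1, c2: c2 };
+}
+
+pub fn otdec(k: G1, c: &OTCiphertext) -> OTMessage {
+let X = c.c1 - k;
+let Y = c.c2 - k;
+return OTMessage { m1: X, m2: Y};
+}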
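Review bot: `OTMessage` and `OTCiphertext` are `pub` but their fields are private and no constructor or accessor is provided, so code outside this module (such as the `use libbolt::ote;` added in bin/bolt.rs) cannot build a message to pass to `otenc` or read what `otdec` returns; either mark the fields `pub m1: G1, pub m2: G1` and `pub c1: G1, pub c2: G1`, or add `new` constructors and getters. `assert!(c1 != c2)` in `otenc` aborts the process whenever `m.m1 == m.m2`, which is a legal input, so it should become a documented precondition or a `Result` rather than a panic. Note also that the same pad `k` is added to both halves, so `c1 - c2 == m1 - m2` is computable from the ciphertext alone; if the two halves are meant to be hidden independently, a second pad should be derived from `k` (presumably via the PRF whose range the header says is the keyspace), and a comment should state which is intended either way. `use std::fmt;` and `Fr` are imported but not used in the file as added.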
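--- /dev/null
+++ b/<path not shown: prf module>
@@ -0,0 +1,25 @@
+/*
+Pseudo-random Function (PRF) using Dodis-Yampolskiy PRF to support proofs of knowledge.
+Properties:
+- strong pr-image resistance
+*/
+use rand;
+use bn::{Group, Fr, G1};
+
+pub struct PRFKey {
+s: Fr,
+g: G1
+}
+
+// initialize the PRF with a seed and an optional generator
+pub fn initPRF(s: Fr, G: Option<G1>) -> PRFKey {
+let rng = &mut rand::thread_rng();
+let g = G.unwrap_or(G1::random(rng));
+return PRFKey { s: s, g: g };
+}
+
+// compute the PRF given the key and an input
+pub fn compute(key: &PRFKey, x: Fr) -> G1 {
+let r = key.s + x;
+return key.g * r.inverse().unwrap();
+}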
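Review bot: `compute` calls `r.inverse().unwrap()`, which panics when `key.s + x` is zero (i.e. `x == -s`), so a single input value can crash the caller; returning the absence is safer, e.g. `pub fn compute(key: &PRFKey, x: Fr) -> Option<G1> {` with body `(key.s + x).inverse().map(|inv| key.g * inv)` (the call in bin/bolt.rs would then need to handle `None`). In `initPRF`, `G.unwrap_or(G1::random(rng))` draws a random point even when `G` is supplied; `G.unwrap_or_else(|| G1::random(rng))` avoids the wasted sampling. The header comment's "strong pr-image resistance" looks like a typo for "pre-image", and the property that matters for a Dodis–Yampolskiy construction is pseudorandomness of `g^{1/(s+x)}`, so the comment would be clearer stating that. `initPRF` and the parameter `G` are not snake_case and will trigger `non_snake_case` warnings.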